New Facebook Messenger Scam Attack

I am including 3 possible Facebook(Meta) messenger scam attacks – also known as Social engineering attacks. Yes there are also Facebook Messenger attacks. What are they? what if somebody messages you and asks a number of possible questions: A.   “Remove this image from your facebook page immediately it affects us” B.  Can I buy this? … Read more

Another OpenSSH RCE Vulnerability – i.e. Patch Now!

Linuxsecurity.com has the story RCE means Remote Code Execution which means that the attacker does not need an account to make a successful attack.  This vulnerability is rated 9.8 out of 10 thus it is very high. “Two critical remote code execution (RCE) vulnerabilities have been found in OpenSSH (CVE-2023-28531 and CVE-2023-38408). Because these bugs … Read more

Another Phishing Attack Angle

  Hackers have found ways to add notification code behind the website code.  Thus if you say Allow in the notification window: then eventually a ‘bad’ notification comes up: Here is an example of ‘bad’ or hacker initiated notifications:   Here is where cybernews.com had the story and the investigation by cybernews showed the details … Read more

Fake Microsoft Ad Campaign Causes Ransomware Attacks

The SC Magazine has a story about this phenomenon: ‘Big Head’ malware threat looms, warn researchers: “In a report posted Friday, Trend Micro said while there was no evidence as yet Big Head had been used successfully, its developers appeared to be experienced, although possibly not sophisticated, threat actors.” The way it is being spread … Read more

WAGO Controllers Vulnerable to Remote Command Execution

Several types of WAGO Controllers (I/O) have RCE vulnerabilities according to OneKey    got the info from CERT (Computer Emergency Response Team) Here is the list from CERT: Article No° Product Name Affected Version(s) 751-9301 Compact Controller CC100 FW20 <= FW22 751-9301 Compact Controller CC100 = FW23 752-8303/8000-002 Edge Controller = FW22 750-81xx/xxx-xxx PFC100 FW20 … Read more